Job ID: 2022-15863 Type: Full-Time # of Openings: 1 Category: Information Technology
Princeton University is seeking a talented Information Security Operations Engineer to join its Information Security Office (ISO). This engineer reports to the Senior Manager of Information Security Operations and is responsible for day-to-day monitoring and maintenance of the information security tools used by the team. As an engineer, you are highly skilled in computing and data security systems and, with ISO leadership, leverage monitoring tools to enhance the security of Princeton's network and systems and its response to threats. You will also gain a clear understanding of the campus culture, policies, governance, and infrastructure.
In this role, you are focused on the integrity of and access to University systems and the tools used to provide that insight. As part of your responsibilities, you will also work on continuous process improvement, proactive solutions, and automation, as well as documentation, reporting, and best practices.
The Security Operations Engineer stays abreast of current security threats and vulnerabilities, and participates in the ISO investigation of emerging threats, services, and solutions for the university information security posture.
The engineer also partners with ISO leadership and technical colleagues to research and resolve security issues, and contributes to ISO efforts to raise the importance of information security awareness across campus.
Serve as the technical lead within the Information Security Operations group, and effectively monitor, identify, and respond to security threats and vulnerabilities.
Configure, troubleshoot, and maintain security infrastructure software and hardware.
Employ technical analysis to identify information security incidents and determine best response and remediation strategies.
In the event of an information security incident, participate in the response with ISO leadership and other OIT personnel.
Maintain knowledge of emerging security monitoring tools, and participate in the evaluation of new tools to help ensure that the security monitoring services for Princeton’s computing environment are current and meet team needs.
Regularly review relevant cybersecurity sites and bulletins, such as REN-ISAC, Krebs on Security, and others, to help ensure the University is as current as possible with information on perceived and existing threats to its information systems and data integrity, customer accounts, and networked devices.
Participate in training support staff to advance the understanding of security concepts, threats and threat methodology, and monitoring tools, and enhance overall support to the Princeton community.
Coordinate and/or author articles for the Knowledgebase in support of the ISO mission and resources.
A minimum of 5 years of experience in the following:
Security and network monitoring and reporting tool evaluation/deployment
Incident response management and procedures
Solid understanding of IDS/IPS systems configuration and management
Interpretation of security alerts, analysis of exploit trends and threat feeds
Experience using SIEM solutions, especially LogRhythm SIEM for detection and management of security incidents, including fine-tuning and configuration of reporting, dashboards and alerts
In-depth knowledge of computer security and network monitoring tools, and the ability to assess and recommend the appropriate tools for Princeton
In-depth knowledge of network architectures and data flows
Broad understanding and experience with a variety of technologies including vendor-neutral user and system authentication, authorization techniques, and security/data protection methods
Strong interpersonal and communication (oral and written) skills, and the ability to work effectively individually, in teams, and with a diverse user base having varied levels of technical proficiency
Education: Bachelor’s degree or equivalent experience.
CISSP or GIAC certification
Proficiency with LogRhythm SIEM, Windows, Unix/Linux, and Mac OS
Experience with the McAfee Security Suite (e.g. SIEM, EPO), or equivalent set of tools
Experience in higher education IT
Princeton University is an Equal Opportunity/Affirmative Action Employer and all qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity or expression, national origin, disability status, protected veteran status, or any other characteristic protected by law. EEO IS THE LAW
Princeton University is a vibrant community of scholarship and learning that stands in the nation's service and in the service of all nations. Chartered in 1746, Princeton is the fourth-oldest college in the United States. Princeton is an independent, coeducational, nondenominational institution that provides undergraduate and graduate instruction in the humanities, social sciences, natural sciences and engineering. As a world-renowned research university, Princeton seeks to achieve the highest levels of distinction in the discovery and transmission of knowledge and understanding. At the same time, Princeton is distinctive among research universities in its commitment to undergraduate teaching. Today, more than 1,100 faculty members instruct approximately 5,200 undergraduate students and 2,600 graduate students. The University's generous financial aid program ensures that talented students from all economic backgrounds can afford a Princeton education.